One of my acquaintances, a fellow MCT, happened upon a phishing scam that makes use of chromeless windows. He hadn't seen it in action before, so I put together this post to demonstrate the potential evils. Note that if you are using XP with SP2 then it won't be that impressive! This security hole has been plugged pretty well with that patch.
For those browsing with IE and without XP SP2, watch what happens to the URL in your address bar when you click the button. Now edit what's in the textbox and click again. Now bring up something at the left, such as Search or History, anything that offsets the screen a tad, and click again. So fortunately it's not a perfect way to fake an address bar, but dang does it get close! The same thing could be done to place a lock icon in what looks like the proper place down in the status bar, faking out an SSL site.
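A defender-side check for the technique described above, as an added example that is not part of the original post: it scans page script for `window.open()` calls whose feature string explicitly hides browser chrome or pins the window to fixed coordinates. The post does not show the scam's code, so the heuristics, the sample script and the `login.example` URL are assumptions constructed for illustration.

```javascript
// Added example (not from the original post): flag window.open() calls whose
// feature string explicitly strips browser chrome or pins the window in place.
// The sample script and the scoring rules are constructed for illustration.

const CHROME_FEATURES = ["location", "toolbar", "menubar", "status", "titlebar"];
const POSITION_FEATURES = ["left", "top", "screenx", "screeny"];

// Parse "a=no,b=1,c" into a Map of lower-cased name -> value ("yes" if bare).
function parseFeatures(featureString) {
  const features = new Map();
  for (const part of featureString.split(",")) {
    const [name, value = "yes"] = part.split("=").map((s) => s.trim().toLowerCase());
    if (name) features.set(name, value);
  }
  return features;
}

const isOff = (v) => v === "no" || v === "0";
const isOn = (v) => v === "yes" || v === "1";

// Return the reasons a single feature string looks like a chromeless window.
function assessFeatures(featureString) {
  const f = parseFeatures(featureString);
  const reasons = [];
  for (const name of CHROME_FEATURES) {
    if (f.has(name) && isOff(f.get(name))) reasons.push(`${name} hidden`);
  }
  if (f.has("fullscreen") && isOn(f.get("fullscreen"))) reasons.push("fullscreen");
  if (POSITION_FEATURES.some((n) => f.has(n))) reasons.push("fixed position");
  return reasons;
}

// Scan script source for window.open(url, name, "features") with literal features.
function findChromelessOpens(source) {
  const call = /window\.open\(\s*(["'])(.*?)\1\s*,\s*(["'])(.*?)\3\s*,\s*(["'])(.*?)\5\s*\)/g;
  const findings = [];
  for (const m of source.matchAll(call)) {
    const reasons = assessFeatures(m[6]);
    if (reasons.length > 0) findings.push({ url: m[2], reasons });
  }
  return findings;
}

// Constructed sample input: one ordinary popup, one chromeless positioned popup.
const SAMPLE = `
  window.open("help.html", "help", "width=400,height=300,location=yes,status=yes");
  window.open("http://login.example/", "w", "location=no,toolbar=no,status=no,left=0,top=0,width=800,height=600");
`;
console.log(JSON.stringify(findChromelessOpens(SAMPLE), null, 2));
```

Only literal feature strings with explicit settings are inspected; features built at runtime or simply omitted from the string are not evaluated.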
Another interesting tidbit with SP2: if you set up this site to be trusted:
(do you trust geekswithblogs enough for that?) then it does replace the address bar. The same goes for pages local to your machine, either from the file system or served up through localhost. So the SP2 update specifically fixes this for sites in the Internet or Restricted zones.
The exploit is covered in more detail here: